// 2023-03-29 // SITUATIONAL AWARENESS // CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers // : crowdstrike
https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/
I’d TAP That Pass. A better way to attack Azure AD with… | by hotnops | Mar, 2023 | Posts By SpecterOps Team Members
https://posts.specterops.io/id-tap-that-pass-8f79fff839ac
Hillai Ben-Sasson on Twitter: "I hacked into a @Bing CMS that allowed me to alter search results and take over millions of @Office365 accounts. How did I do it? Well, it all started with a simple click in @Azure… 👀 This is the story of #BingBang 🧵⬇️ https://t.co/9pydWvHhJs" / Twitter
https://twitter.com/hillai/status/1641146508639600646
Spyware vendors use 0-days and n-days against popular platforms
https://blog.google/threat-analysis-group/spyware-vendors-use-0-days-and-n-days-against-popular-platforms/

GitHub - DragoQCC/HardHatC2: A c# Command & Control framework
https://github.com/DragoQCC/HardHatC2
QCon Keynote - Google Slides
https://docs.google.com/presentation/d/1wOT5kOWkQybVTHzB7uLXpU39ctYzXpOs2xVyD4zuYXY/edit?usp=drivesdk
GitHub - vanhoefm/macstealer
https://github.com/vanhoefm/macstealer
Cobalt Strike 2023 Roadmap and Strategy Update | Cobalt Strike
https://www.cobaltstrike.com/blog/cobalt-strike-2023-roadmap-and-strategy-update/
The DEA Bought Customer Data from Rogue Employees Instead of Getting a Warrant
https://www.vice.com/en/article/3akn8v/the-dea-bought-customer-data-airlines-parcel-bus-amtrak-no-warrant
The Life and Times of SysInternals | How One Developer Changed the Face of Malware Analysis - SentinelOne
https://s1.ai/SysInternals
CyberChef Malware Analysis - DCRat Loader - YouTube
https://www.youtube.com/watch?v=rpp6BZYIziM
signature-base/gen_mal_3cx_compromise_mar23.yar at master · Neo23x0/signature-base · GitHub
https://github.com/Neo23x0/signature-base/blob/master/yara/gen_mal_3cx_compromise_mar23.yar
Pause Giant AI Experiments: An Open Letter - Future of Life Institute
https://futureoflife.org/open-letter/pause-giant-ai-experiments/
feat: new compromised 3cx rules by nasbench · Pull Request #4151 · SigmaHQ/sigma · GitHub
https://github.com/SigmaHQ/sigma/pull/4151/files
Google finds more Android, iOS zero-days used to install spyware
https://www.bleepingcomputer.com/news/security/google-finds-more-android-ios-zero-days-used-to-install-spyware/